I was under the impression that addresses are just an encoded, hashed public keys with a prefix and that only the public key is used on the blockchain (not the address) for transactions.
But if the public key is hashed, how does the wallet get the public key from the address to create a transaction?

I did some research which confirmed my doubts that this is not possible. So I was wondering, how does the wallet create a transaction if it doesn't have the public key?

EDIT:
I mean how does someone trying to send 10 BTC get the public key of the receiver for pay to public key from the receivers to address. I fully understand the cryptographic element of private & public keypairs and how bitcoin is spent just not how the public key of the receiver is derived from the address. What I have seen is that (most commonly) transactions are pay to public key hash (P2PKH) rather than what I originally thought which was all txns are pay to public key (P2PK).

3 Answers
3

Perhaps you're confused by the phrasing "the wallet", as it's only the receiver's wallet who needs to know the public key, and he has it, because he created the address in the first place.

In what follows, I'm going to assume a standard 1... address (pay to pubkey hash). That's not the only type of address, but similar ressonings apply to every type of addresses.

In the normal workflow, there are two wallets involved. Let's call them Suzy (the sender) and Rudy (the receiver).

Rudy generates a private key x.

Rudy computes the public key corresonding to x, called P.

Rudy computes the addreds A corresponding to P by hashing it.

Rudy sends A to Suzy (by sending it in person, or putting it on a website, or showing it as a QR code, or ...).

Suzy constructs a transaction that contains an output addressed to A. Suzy has no clue what public key A corresponds to, but also doesn't care. This address really encodes "require a public key and a signature valid for that key, and the hash of the public key needs to be A".

Suzy broadcasts the transaction on the network, where it will be picked up by miners who put it in a block, finalizing the transfer.

Now when Rudy wants to spend the coins he received from Suzy, he needs to satisfy the condition that Suzy put in the transaction. This requires the public key P (as that's the only known public key whose hash is A), and a signature created using private key x (which is the only private key that can construct signatures that are valid for P). Thankfully, Rudy has both x and P, because he was the one who created them.

Yes, addresses are encoded (base58 or base32) to help human readability. They include a checksum to ensure protection against errors in address transcription and entry. A bitcoin address can represent the owner of a private/ public key pair, or it can represent any other script that can be represented through P2SH or P2WSH.

But if the public key is hashed, how does the wallet get the public key from the address to create a transaction?

To create a transaction that spends your bitcoins, you need access to the private key. That is because almost all of the transactions need to include the signature of the private key you hold in order to spend the funds that were locked.

However, you can have a watch-only wallet in case you are apprehensive of using private keys on a network connected device. A watch-only wallet allows you to watch what happens to those cold storage bitcoins without exposing the private keys to the online world. This includes importing your master public key at the account level that helps you create different addresses for that account. With the master public key at the account level, you can create receiving/change addresses as you have access to the public keys that will be used to create those addresses. The software just hashes the public keys and encode them in the way you like (P2WPKH or P2PKH).

@ArielHurdle You cannot derive public key from the address. Addresses are mostly hash160 of the public key and hashes are one way mathematical functions. If you want to create a P2PK transaction, you would need to ask the payee directly for the public key.
– Ugam KamatAug 4 at 16:43

There are different kinds of ouputs a transaction can pay to.
For simplicity I'll explain it with a Pay-to-PubkeyHash (P2PKH) output as an example. I think this is what your question is based on.

With a P2PKH output you are right. An address is just an encoded and hashed public key with a prefix. You can remove the prefix and reverse the encoding, but you can't find the preimage to the hash (in our case the public key).

But you don't need to. As the name Pay-to-PubkeyHash suggests, you only pay to the hash of the public key in your transaction. The receiver then can calculate the public key, as long as he has the private key, if he needs to.

thanks, so on the blockchain transaction records dont use the public key of the reciver but the hash of the public key? and then i presume when getting your balance you scan the blockchsin with your address rather than yoir public key?
– Ariel HurdleAug 3 at 13:23

There are different kinds of transactions. For P2PKH only the public key hash is included when paying to an address (someone spending a P2PKH output reveals the public key though). A wallet knows the private keys, calculates the public keys and their hashes and 'scans' for them.
– 0xb10cAug 3 at 13:31

@oxb10c ok so for P2PKH the wallet doesnt need the public key, but what about P2PK transactions? how does the wallet send those?
– Ariel HurdleAug 3 at 13:35

For P2PK you don't hash the public key in the address, just encode and add a prefix.
– 0xb10cAug 3 at 14:06

I see, so the receiver would generate his address like this Publickey --> encode (eg AES?) --> add prefix = address and then the sender reverses that proccess?
– Ariel HurdleAug 3 at 14:16